Our environment is under some pretty strict security requirements and it's causing lots of issues. First, we don't have an active directory set up (all local accounts, I know it's stupid but I'm just the idiot trying to clean it up). Then, we have this LocalAccountTokenFilterPolicy registry setting set to 1 so every time I try to run something I get permission errors as it lowers permissions.
I am allowed to temporarily disable the LocalAccountTokenFilterPolicy to do what I need to do, but need a mechanism to do that. I'm able to use win_command to do switch it from 1 to 0 but can't switch it from 0 - 1. Is there any way to get in with WinRM through ansible then run a command as an elevated user? Thanks! -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to ansible-project+unsubscr...@googlegroups.com. To post to this group, send email to ansible-project@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/3c6d0867-6bab-41fa-9981-0aa3cd54a7d9%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
